月別アーカイブ: 2016年7月

PHP 5.6.24 is released

The PHP development team announces the immediate availability of PHP 5.6.24. This is a security release. Several security bugs were fixed in this release. All PHP 5.6 users are encouraged to upgrade to this version.

For source downloads of PHP 5.6.24 please visit our downloads page, Windows source and binaries can be found on windows.php.net/download/. The list of changes is recorded in the ChangeLog.

PHP 5.5.38 is released

The PHP development team announces the immediate availability of PHP 5.5.38. This is a security release that fixes some security related bugs.

All PHP 5.5 users are encouraged to upgrade to this version.

For source downloads of PHP 5.5.38 please visit our downloads page, Windows source and binaries can be found on windows.php.net/download. The list of changes is recorded in the ChangeLog.

Note that according to our release schedule, PHP 5.5.38 is the last release of the PHP 5.5 branch. There may be additional release if we discover important security issues that warrant it, otherwise this release will be the final one in the PHP 5.5 branch. If your PHP installation is based on PHP 5.5, it may be a good time to start making the plans for the upgrade to PHP 5.6 or PHP 7.0.

PHP 7.0.9 Released

The PHP development team announces the immediate availability of PHP 7.0.9. This is a security release. Several security bugs were fixed in this release, including the HTTP_PROXY issue. All PHP 7.0 users are encouraged to upgrade to this version.

For source downloads of PHP 7.0.9 please visit our downloads page, Windows source and binaries can be found on windows.php.net/download/. The list of changes is recorded in the ChangeLog.

PHP 7.1.0 Beta 1 Released

The PHP development team announces the immediate availability of PHP 7.1.0 Beta 1. This release is the first beta for 7.1.0. All users of PHP are encouraged to test this version carefully, and report any bugs and incompatibilities in the bug tracking system.

THIS IS A DEVELOPMENT PREVIEW - DO NOT USE IT IN PRODUCTION!

PHP 7.1.0 Beta 1 builds on previous releases with:

For more information on the new features and other changes, you can read the NEWS file, or the UPGRADING file for a complete list of upgrading notes. These files can also be found in the release archive.

For source downloads of PHP 7.1.0 Beta 1 please visit the download page, Windows sources and binaries can be found on windows.php.net/qa/.

The second beta will be released on the 8th of August. You can also read the full list of planned releases on our wiki.

Thank you for helping us make PHP better.

JVN: Objective Systems ASN1C で生成したソースコードにバッファオーバーフローの脆弱性

ASN.1 は、ネットワークや通信アプリケーションにおける標準的なデータ構造の記法です。Objective Systems が提供する ASN1C を使用して生成した C または C++ のソースコード内にヒープベースのバッファオーバーフローの脆弱性が存在する問題があります。続きを読む

JVN: CGI ウェブサーバがヘッダ Proxy の値を環境変数 HTTP_PROXY に設定する脆弱性

CGI または類似のコンテキストで動作しているウェブサーバには、クライアントが指定したヘッダ <code>Proxy</code> の値を内部の環境変数 <code>HTTP_PROXY</code> に登録してしまう脆弱性が存在します。この脆弱性によって、内部のサブリクエストに中間者攻撃 (man-in-the-middle attack) を受けたり、サーバを任意のホストに接続させられたりする可能性があります。続きを読む

PHP 7.1.0 Alpha 3 Released

The PHP development team announces the immediate availability of PHP 7.1.0 Alpha 3. This release is the last alpha for 7.1.0. All users of PHP are encouraged to test this version carefully, and report any bugs and incompatibilities in the bug tracking system.

THIS IS A DEVELOPMENT PREVIEW - DO NOT USE IT IN PRODUCTION!

PHP 7.1.0 Alpha 3 builds on previous releases with:

For more information on the new features and other changes, you can read the NEWS file, or the UPGRADING file for a complete list of upgrading notes. These files can also be found in the release archive.

For source downloads of PHP 7.1.0 Alpha 3 please visit the download page, Windows sources and binaries can be found on windows.php.net/qa/.

The first beta will be released on the 21st of July. You can also read the full list of planned releases on our wiki.

Thank you for helping us make PHP better.